This is absolutely a critical path for me...I would appreciate anyone who has experience.
We are trying to do X.509 Signature on the message and use SSL. I just don't understand what the WSS4J is doing under the covers. For instance, user should not be required because I am doing Signature and not "Username Token" so why do I need this. There is no equivalent in a Signature/JKS to the user. Is the user supposed to equate to the owner or issuer? Also, if I want to do X.509...is the signatureKeyIdentifier supposed to be X509KeyIdentifier? Thanks for your time....jay -- View this message in context: http://cxf.547215.n5.nabble.com/CXF-with-Digital-Signatures-tp3408690p3410361.html Sent from the cxf-user mailing list archive at Nabble.com.
